How One City Improved Citizen Experiences and Cybersecurity in One Effort
iStock.com/Melpomenem
Connecting state and local government leaders
COMMENTARY | Washington, D.C.’s Department of Consumer and Regulatory Affairs successfully adopted a single sign-on technology by following these steps.
State and local governments aim to connect with their citizens and provide them with easy access to services. Technology is key to supporting this effort, as it enables agencies to juggle many incoming requests, questions and applications.
But what happens when the technology that’s meant to help government agencies respond to citizens’ needs becomes the bottleneck that prevents them from delivering services?
It’s a challenge that many state and local governments are facing, particularly in light of the Covid-19 pandemic. With social distancing increasing citizens’ demands for speedy online services, it has also exposed the difficulty for government agencies to manage a large volume of incoming citizen requests from multiple applications.
The District of Columbia’s Department of Consumer and Regulatory Affairs (DCRA) found itself in this position and identified a solution to create a frictionless experience for both citizens and agency representatives.
Here’s how they did it.
Why a Change was Needed
The DCRA protects the health, safety and economic interests of district residents by ensuring that every business operating in the city remains code compliant and operates within established guidelines. The agency fields hundreds of thousands of requests per day from residents and business owners through its online portal. People use the portal to request permits, business licenses, order housing inspections and more. Multiple applications are used for each of the services the agency offers. Historically, citizens needed to submit requests through each of the applications and sign in using unique credentials.
This scenario created significant headaches for users. For example, a citizen may need to create separate requests for a business license and a home building permit.
Meanwhile, DCRA representatives had to match the individual’s requests so they could help them with their needs. But they were often stymied by inconsistencies, like nuance in the person’s name or the use of a different username, for each request. This made it difficult to correlate multiple requests from the same person, preventing DCRA reps from having all of the data they needed to address that person’s needs.
Shifting to Single Sign On
The agency significantly reduced the amount of login credentials citizens needed to access the DCRA’s services to one by shifting to a single sign-on model that allows citizens to use the same login information across the site. This makes it much easier for citizens to interact with the DCRA, but it also allows DCRA personnel to more easily correlate different requests to a single person.
Stepping up Security
While the DCRA wanted to make things easier for residents it didn’t want its system to be vulnerable to cyber hackers. Knowing that cyberattacks on state and local agencies are on the rise, the DCRA needed a system to manage and monitor user access.
The agency chose an identity access management (IAM) solution that allows its administrators to monitor user access from a central dashboard. The IAM solution provides them with the ability to control who accesses information and gives visibility into which services and data citizens are using. It also offers multifactor authentication to prove citizens’ identities.
Furthermore, it allows the DCRA to build user personas to ensure that the people accessing the system are who they say they are. Those personas can change and adapt over time based on a user’s perceived level of risk. Perhaps that person has attempted to access multiple applications they would not normally attempt to access; that could indicate suspicious behavior. Access rights for that individual may need to be limited or even revoked. Or the anomaly may be just that—an anomaly. In any case, the system allows administrators to make better decisions on how to manage security for the DCRA portal.
Tying Everything Together
The DCRA integrated both of these solutions with its already-existing customer relationship management platform. Now, DCRA representatives have complete visibility into and access to all of the interactions every citizen has with the agency—not just via the online portal, but also through social media, chatbots and other communication methods.
The results speak for themselves. In just a few months, the DCRA recorded more than 50,000 new user accounts and tens of thousands of unique logins. Users have been very complimentary to the agency, remarking how easy it is to work with the DCRA and receive information and feedback on their requests.
The efforts of the DCRA show that while state and local governments face many challenges, technology does not have to add to their concerns. Indeed, the right technologies, integrated together, can make everyone’s lives a little easier.
Jack Alexander is vice president, state and local government, for Okta, which provides cloud software that helps governments and companies manage and secure user authentication into applications.
NEXT STORY: Report: What City Officials Need to Know About Facial Recognition Technology